ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your organization is about to roll out a cloud-hosted customer relationship management (CRM) platform that will hold personal data on EU residents. Before going live, management asks you to complete a Privacy Impact Assessment (PIA) that satisfies GDPR requirements. Which item must be documented in the PIA to demonstrate compliance?
The most recent penetration-testing results for the provider's underlying infrastructure.
A diagram or description of how personal data will flow between the cloud service, on-premises systems, and any non-EU locations.
A detailed shared-responsibility matrix listing all technical security controls assigned to each party.
The cloud provider's independent SOC 2 Type II attestation report covering its data centers.
Under GDPR Article 35, a Data Protection/Privacy Impact Assessment must provide a systematic description of the intended processing, including the flows of personal data and any transfers to third countries. Mapping those data flows-especially across national borders-shows regulators that the organization understands where personal information travels, the associated jurisdictional risks, and what safeguards are in place. Penetration-test results, a shared-responsibility control matrix, and the cloud provider's SOC 2 Type II report may be useful security artefacts, but they are not mandatory elements of a GDPR-compliant PIA.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Privacy Impact Assessment (PIA) and why is it required under GDPR?
Open an interactive chat with Bash
What are the key components of a GDPR-compliant PIA?
Open an interactive chat with Bash
What are the jurisdictional risks of transferring personal data outside the EU under GDPR?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Legal, Risk and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .